10 Latest Global Cybersecurity Breaches, Hacks, Ransomware Attacks and Privacy Fines (2025)

Major Data Breaches

1. Yale New Haven Health System Data Breach (April 2025)

Yale New Haven Health experienced a significant data breach affecting 5.5 million patients. Detected on March 8, 2025, and disclosed on April 11, 2025, threat actors stole personal data of patients in a cyber attack that compromised names, dates of birth, addresses, phone numbers, email addresses, race/ethnicity, Social Security numbers, and medical record numbers. Source: Bleeping Computer

Understanding the Latest Wave of Ransomware Attacks: July 2024 Insights

As ransomware attacks continue to pose a significant threat to global cybersecurity, it is crucial for businesses and individuals to stay informed about the latest trends and incidents. In this article, we delve into the details of the most recent ransomware attacks reported in June and July 2024, highlighting key

Breached CompanyBreached Company

2. Blue Shield of California Data Breach (April 2025)

One of the largest healthcare breaches in early 2025, Blue Shield of California reported an incident to the U.S. Department of Health and Human Services impacting 4.7 million individuals. The breach was part of a larger series of healthcare data compromises that affected multiple organizations including Onsite Mammography, Kelly & Associates Insurance Group, and other medical providers. Source: The Record Media

3. Hertz Data Breach (April 2025)

Car rental giant Hertz began notifying customers of a major data breach caused by Cl0p ransomware. The stolen data varied by region but broadly included customers' names, dates of birth, contact information, driver's licenses, payment card information, and workers' compensation claims. This breach impacted customers worldwide. Source: TechCrunch

Major Ransomware Attacks

4. Marks & Spencer Cyber Attack (April 2025)

British retailer Marks & Spencer (M&S) suffered a significant cyber incident attributed to the Scattered Spider group. The attack resulted in postponed deliveries, halted online transactions, and frozen gift card processing systems. Customers reported on social media that various electronic payment systems were not working, including card payments, gift cards, and the retailer's Click and Collect service. Source: The Record Media

Cybersecurity Breaches Overview - 2023

Dive deep into the most significant cybersecurity breaches that shook the world in 2023. From the FAA’s disruption affecting flights to MGM Resorts’ massive financial loss, we cover it all. This video provides a comprehensive breakdown of each breach, its impact, and the culprits behind them. Stay informed and protect

Breached CompanyBreached Company

5. Qilin Ransomware Campaign (April 2025)

Qilin ransomware emerged as the dominant ransomware threat in April 2025, with 72 data leak disclosures, making it the most active ransomware operation for the month. The group leveraged NETXLOADER, a new .NET-based loader that stealthily deployed additional malicious payloads. Qilin's prominence increased dramatically since February 2025, with disclosures more than doubling compared to previous months. Source: The Hacker News

6. Play Ransomware Windows Zero-Day Exploit (May 2025)

The Play ransomware gang exploited a Windows vulnerability (CVE-2025-29824) as a zero-day in attacks targeting organizations in the United States. The vulnerability affected the Windows Common Log File System (CLFS) driver and allowed attackers to gain SYSTEM privileges on compromised machines. The exploit was used before Microsoft patched the vulnerability in April 2025. Source: The Hacker News

Understanding Cyber Breach Costs in 2024: A Comprehensive Guide to Preparing, Protecting, and Forecasting

As cyber threats continue to evolve, the financial implications of a data breach are increasingly daunting. In 2024, ransomware, phishing, insider threats, and dark web marketplaces for stolen data have intensified, making it critical for organizations of all sizes to understand the potential financial impact of a breach. This comprehensive

Breached CompanyBreached Company

7. DaVita Ransomware Attack (April 2025)

Dialysis firm DaVita was hit by a ransomware attack from the Interlock gang that encrypted certain elements of its network. The attack disrupted operations despite interim measures implemented by the company. The ransomware group claimed to have stolen 1.51 terabytes of data from DaVita and posted samples of the stolen information online. Source: Reuters/CM-Alliance

Major Privacy Fines

8. Uber GDPR Fine (2024-2025)

Uber received a €290 million ($324 million) fine from the Dutch Data Protection Authority for unlawfully transferring the personal data of European taxi drivers to the United States without adequate safeguards. This represents one of the largest GDPR fines ever imposed and highlights the strict enforcement of data transfer regulations between the EU and US. Source: Reuters

Case Study: High-Profile Cyber Breaches of 2024 and Global Cyber Attack Statistics

In 2024, numerous companies across various sectors experienced significant cyber breaches. These incidents highlight the growing sophistication of cyber threats and the critical need for robust cybersecurity measures. This case study examines some of the major breaches that occurred in 2024, detailing the impact on the affected companies and providing

Breached CompanyBreached Company

9. Meta (Instagram) GDPR Fine (2024-2025)

Meta faced a €405 million ($427 million) fine related to Instagram's handling of children's data. The penalty was imposed because Instagram's business accounts feature revealed phone numbers and email addresses of children aged 13-17, violating the GDPR requirement for privacy by design and default. This represents one of the largest fines in the ongoing regulatory actions against Meta platforms. Source: CookieYes

10. Frederick Health Data Breach (April 2025)

A ransomware attack in January at Frederick Health Medical Group, a major healthcare provider in Maryland, led to a data breach affecting nearly one million patients. The breach was disclosed in April 2025 after investigation revealed the extent of the compromise. Source: Bleeping Computer

The 15 Most Devastating Data Breaches in History

From nation-state cyberattacks to corporate security failures, these breaches exposed billions of records and reshaped global cybersecurity practices. Navigating the Cyberstorm: A Deep Dive into Global Data BreachesIntroduction In today’s interconnected world, cybersecurity incidents are not a matter of if, but when. A recent data breach highlights the ever-present

Breached CompanyBreached Company

Other Significant Incidents

• PoisonSeed Phishing Campaign (April 2025): A large-scale phishing campaign compromised corporate email marketing accounts at Mailchimp, SendGrid, HubSpot, Mailgun, and Zoho to distribute emails containing crypto seed phrases used to drain cryptocurrency wallets. The campaign targeted Coinbase and Ledger users.
• Cell C Data Leak (April 2025): South Africa's fourth-largest mobile network operator, Cell C, confirmed that its data was leaked on the dark web following a cyber attack. The RansomHouse group claimed to have breached 2TB of the company's data, affecting its 7.7 million subscribers.
• Sensata Technologies Ransomware Attack (April 2025): Industrial tech manufacturer Sensata suffered from a ransomware attack that impacted its operations, including shipping, receiving, manufacturing production, and various other support functions.

Major Cyber Attacks and Data Breaches: July-August 2024 Update

As we move into August 2024, the cybersecurity landscape continues to evolve with a series of significant attacks targeting various sectors globally. This article provides a comprehensive overview of the most notable incidents from late July to early August 2024, highlighting the ongoing challenges faced by organizations and individuals in

Breached CompanyBreached Company

These incidents highlight the continued global threat of cybersecurity breaches, ransomware attacks, and the significant financial penalties organizations face for data privacy violations. The healthcare sector remains particularly vulnerable, with several major breaches affecting millions of patients' sensitive information.